Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/453199-6343-4c67-b87e-32eb3a4ead43/1/u9Sx8vquonuxfGSR4H7LLp3rbKI.roa
File: u9Sx8vquonuxfGSR4H7LLp3rbKI.roa (raw, json)
Hash identifier: 2NhtYGZCkznHHTIw/AAV97Orzomj5GZcOrYU4RhtX1Y=
Subject key identifier: BB:D4:B1:F2:FA:AE:A2:7B:B1:7C:64:91:E0:7E:CB:2E:9D:EB:6C:A2
Certificate issuer: /CN=a5c249eb6fa6b5dbaf6ab9deb3a7778ee0eb3487
Certificate serial: 019421439E67563FFBF465DAF72A8F674CEA
Authority key identifier: A5:C2:49:EB:6F:A6:B5:DB:AF:6A:B9:DE:B3:A7:77:8E:E0:EB:34:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pcJJ62-mtduvarnes6d3juDrNIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/453199-6343-4c67-b87e-32eb3a4ead43/1/u9Sx8vquonuxfGSR4H7LLp3rbKI.roa
Signing time: Wed 01 Jan 2025 09:47:47 +0000
ROA not before: Wed 01 Jan 2025 09:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 170.237.6.0/23 maxlen: 24
170.237.8.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:9e:67:56:3f:fb:f4:65:da:f7:2a:8f:67:4c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5c249eb6fa6b5dbaf6ab9deb3a7778ee0eb3487
Validity
Not Before: Jan 1 09:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbd4b1f2faaea27bb17c6491e07ecb2e9deb6ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ce:bc:2f:90:d5:67:bd:1a:a0:b5:a9:2b:d9:
ea:05:e7:1b:ca:28:33:9c:7c:19:f7:88:b4:82:94:
8b:bb:a6:a9:4c:b3:d3:66:88:04:95:88:12:50:55:
ba:8f:83:4a:7a:c3:ff:7e:84:b4:b6:a8:9a:75:ed:
c6:aa:8c:48:c4:e2:b0:a3:27:55:ac:74:75:35:66:
65:f4:c5:26:98:bb:e7:23:8c:91:88:8a:29:9e:01:
5f:62:16:23:43:84:10:dc:72:8a:93:11:de:81:6f:
4e:3b:68:3e:70:ab:ec:7f:08:01:68:56:15:32:86:
bd:e7:83:c6:37:14:2b:ca:3d:fb:c5:c9:f2:1b:fa:
50:9b:6a:31:9c:ac:53:39:19:b4:56:30:70:9b:e6:
c1:a0:41:e5:4b:b3:e2:d4:f0:2b:c4:62:79:68:b2:
4a:c1:b6:85:23:12:21:0e:06:ec:ee:bd:4d:99:23:
80:3f:89:9b:b4:34:71:c3:45:8c:6d:a2:96:60:c3:
c9:c5:1e:22:b7:af:2f:a7:32:11:2d:48:0c:f9:9f:
44:78:ce:a7:af:2c:67:71:30:71:01:db:50:2a:30:
64:3f:3a:ea:f2:6d:47:c4:59:d7:b8:e8:fc:75:c0:
a1:20:cc:8e:d9:c9:ab:e6:35:a3:d7:55:de:e0:67:
55:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D4:B1:F2:FA:AE:A2:7B:B1:7C:64:91:E0:7E:CB:2E:9D:EB:6C:A2
X509v3 Authority Key Identifier:
keyid:A5:C2:49:EB:6F:A6:B5:DB:AF:6A:B9:DE:B3:A7:77:8E:E0:EB:34:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcJJ62-mtduvarnes6d3juDrNIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/453199-6343-4c67-b87e-32eb3a4ead43/1/u9Sx8vquonuxfGSR4H7LLp3rbKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/453199-6343-4c67-b87e-32eb3a4ead43/1/pcJJ62-mtduvarnes6d3juDrNIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.237.6.0-170.237.9.255
Signature Algorithm: sha256WithRSAEncryption
70:32:f2:c6:7d:f6:d7:37:32:51:79:57:cc:91:26:06:57:0e:
cb:a1:3d:16:aa:d6:9d:09:5f:a3:1b:2f:ae:3c:76:24:74:25:
ef:49:4e:de:31:2c:d0:88:5e:3f:10:98:2c:e1:74:b4:7d:82:
99:6f:3a:eb:06:8e:07:27:b6:7f:c3:9b:82:1e:b8:b0:03:99:
cb:da:9a:58:0f:fc:50:00:bf:cf:bc:d4:0c:d8:bb:30:9b:d8:
77:01:3f:9b:55:4d:ec:58:1f:98:61:3d:58:b3:57:47:c7:7c:
4f:f0:a3:a5:96:36:ba:20:ee:2c:e5:4d:d7:4c:06:f8:5b:56:
cc:d7:7e:3e:17:99:88:41:ed:e9:82:82:23:74:2a:80:82:cf:
bd:68:37:6d:cd:92:ae:26:43:8f:ca:33:f6:cd:c1:ff:3b:2b:
32:69:9a:4a:7d:f6:8b:0b:f2:ba:f9:22:49:e2:f5:ea:64:53:
f8:78:79:d2:c2:c6:a7:e1:48:ee:e8:78:50:53:43:94:22:14:
f1:5a:f0:ef:51:f0:5b:9b:73:1d:17:5b:8e:eb:b0:ef:f8:9f:
93:14:4c:42:f0:3c:80:fc:fd:e9:e6:33:c6:fb:b7:88:83:af:
cc:43:0f:82:15:73:17:28:ae:88:d8:16:15:2d:95:05:aa:32:
3f:f2:77:5e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhQ55nVj/79GXa9yqPZ0zqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YzI0OWViNmZhNmI1ZGJhZjZhYjlkZWIzYTc3NzhlZTBl
YjM0ODcwHhcNMjUwMTAxMDk0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ0YjFmMmZhYWVhMjdiYjE3YzY0OTFlMDdlY2IyZTlkZWI2Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs868L5DVZ70aoLWpK9nqBecbyigz
nHwZ94i0gpSLu6apTLPTZogElYgSUFW6j4NKesP/foS0tqiade3GqoxIxOKwoydV
rHR1NWZl9MUmmLvnI4yRiIopngFfYhYjQ4QQ3HKKkxHegW9OO2g+cKvsfwgBaFYV
Moa954PGNxQryj37xcnyG/pQm2oxnKxTORm0VjBwm+bBoEHlS7Pi1PArxGJ5aLJK
wbaFIxIhDgbs7r1NmSOAP4mbtDRxw0WMbaKWYMPJxR4it68vpzIRLUgM+Z9EeM6n
ryxncTBxAdtQKjBkPzrq8m1HxFnXuOj8dcChIMyO2cmr5jWj11Xe4GdVXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLvUsfL6rqJ7sXxkkeB+yy6d62yiMB8GA1UdIwQY
MBaAFKXCSetvprXbr2q53rOnd47g6zSHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNKSjYyLW10ZHV2YXJuZXM2ZDNqdURyTkljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi80NTMxOTktNjM0My00YzY3LWI4N2Ut
MzJlYjNhNGVhZDQzLzEvdTlTeDh2cXVvbnV4ZkdTUjRIN0xMcDNyYktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi80NTMxOTktNjM0My00YzY3LWI4N2UtMzJlYjNhNGVhZDQz
LzEvcGNKSjYyLW10ZHV2YXJuZXM2ZDNqdURyTkljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGq7QYD
BAGq7QgwDQYJKoZIhvcNAQELBQADggEBAHAy8sZ99tc3MlF5V8yRJgZXDsuhPRaq
1p0JX6MbL648diR0Je9JTt4xLNCIXj8QmCzhdLR9gplvOusGjgcntn/Dm4IeuLAD
mcvamlgP/FAAv8+81AzYuzCb2HcBP5tVTexYH5hhPVizV0fHfE/wo6WWNrog7izl
TddMBvhbVszXfj4XmYhB7emCgiN0KoCCz71oN23Nkq4mQ4/KM/bNwf87KzJpmkp9
9osL8rr5Ikni9epkU/h4edLCxqfhSO7oeFBTQ5QiFPFa8O9R8Fubcx0XW47rsO/4
n5MUTELwPID8/enmM8b7t4iDr8xDD4IVcxcorojYFhUtlQWqMj/yd14=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net